Novell File Reporter NFRAgent.exe VOL Tag Remote Code Execution Vulnerability
Gravité: : Medium
Identifiant(s) CVE: : CVE-2011-2750
Date du conseil: 21 juillet 2015
Description
NFRAgent.exe in Novell File Reporter 1.0.4.2 and earlier allows remote attackers to delete arbitrary files via a full pathname in an SRS OPERATION 4 CMD 5 request to /FSF/CMD.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1005232
Trend Micro Deep Security DPI Rule Name: 1005232 - Novell File Reporter 'NFRAgent.exe' VOL Tag Remote Code Execution Vulnerability
Affected software and version:
- novell file_reporter 1.0.1
- novell file_reporter 1.0.1.1
- novell file_reporter 1.0.2
- novell file_reporter 1.0.4.2